From Proofs to Products: Shipping What Matters

During DevConnect 2025, at the ZKonnect event by Brevis, Sylve was part of a panel on From Proofs to Products: Shipping What Matters.

You can read Sylve's highlights below! And if you'd prefer, here's the whole panel with Sylve, Vladimir Tikhomirov from Algebra, Xiang Xie from Primus Labs, and Milica Vulić from zkVerify.

Why build with ZK?

If you look at the chronology of ZK applications in blockchain, that's usually how it follows.

You start with privacy, like Zcash. If you want to build a privacy-preserving application, it is an extremely powerful tool.

But there’s more than privacy to ZK.

Take the recent Aztec sale, for example: to prove you weren't from a country excluded from the sale, you just tapped your passport on your phone, and it generated a proof that you were a citizen of a country able to participate.

This is really cool because:

1. it's privacy-preserving.
2. it’s efficient: you don't need to contract a third-party service that charges several dollars per KYC.
3. it's accessible: you can have more people participate using existing form factors like a passport or ID card.

That's what we're trying to enable with Hyli: just making it as easy as possible to use tools like ZK in blockchain applications.

The reality of shipping ZK in production

I definitely think we need more infra, more tools, more consumption, more education.

We all know the usual ZK challenges: it's difficult to audit and to maintain.

But it's getting a lot better now.

zkVMs have been a force of nature. Rather than hire 15 cryptographers in your team, you can just use Risc Zero, Brevis, SP1… all these good zkVMs, and it's just fantastic! You can write in Rust, and that's great.

But obviously we’re not there yet in terms of proving speed and RAM requirements.

There's been a lot of effort spent on server-side proving because that's where most of the funding has gone, to prove Ethereum rollups. But when it comes to client-side proving, there's still so much that can be done.

Shout out to the Noir team because they really built something quite different from the rest, very efficient. They were recently used in the Google identity solution to prove that you're over 18. Even the European Union is looking at this.

Balancing idealism and pragmatism

For us, it always comes down to: can you actually make it run?

We ran a really big benchmark with a very specific mission: what is the best proving system to prove a signature on the secp256r1 curve in-browser? We reviewed absolutely everything.

We looked at everything and we took a very naive approach: look at everything, and find the best solution.

So we started with zkVMs. But we don't have enough RAM to run any of this client-side, and we won't have for the next five or six years. That's out of the question.

Then you look at what other projects have done: Circom, Halo2… In theory it seems like they work, but they just don’t run at all.

Then you run into Groth16: it seems good, until you realize the proving key is like gigabytes.

You go down the stack, and you end up with Noir. Noir was the only viable solution.

Everyone wants the perfect absolute solution. But right now, we all have things to run in production.

We need to get to a point where everything can run in a browser very efficiently, client-side zkVM, etc. In the meantime, we also have to be extremely pragmatic. So we often end up using TEEs, which have a lot of issues but at least they work.

Our recommendation for client-side proving is to use Noir. It works really well for us.

Building for today and tomorrow

We talk about real-time proving, about so many aspirational things for the future of ZK. But let’s be honest: for now, it is still very expensive and quite slow.

We took all of this into account when we designed Hyli, our high-performance blockchain with built-in privacy.

We make sure you can get instant soft confirmation for your transactions, even though your proof can take some minutes to generate.

This way, we make Hyli future-proof while also ensuring that it’s usable right now, with the current tools at our disposal.